HackerOne
2020-09-16 12:45:00
www.hackerone.com
Traditional pentesting suffers from a persistent issue: a lack of transparency into the pentest process itself and what’s considered successful. Is success measured in quality of vulnerability reports, speed to launch, or pentester communication? Though pentests are relatively short, numerous factors influence the outcome of an engagement. However, most pentests lack data capture to review customer and pentester feedback.
With that in mind, we’re pleased to announce some enhancements to the pentester feedback ratings and review process. We’ve implemented these product changes to provide greater transparency across pentesters, customers, and HackerOne, as well as to better track quality and performance across tests.
1) In-platform pentest ratings
As soon as the testing period is complete, both pentesters and customers are asked to complete a survey. Customers provide feedback on their experience working with the pentesters and on the quality of the final summary report, while pentesters are asked about their experience collaborating with their peers and interacting with the customer.
“Although tech skills are important, pentests require soft skills in order to exceed customer’s expectations,” said Sandipa, a pentester within the HackerOne community. “These skills come from a pentester’s previous experience, which might not be properly reflected through bounties paid or reputation points. Being able to showcase qualitative feedback from both customers and teammates helps highlight professionalism and communication skills.”
2) Pentest activity on hacker profiles
Pentesters on HackerOne now have the ability to build their professional reputation on the platform by showcasing their pentest stats like the number of tests completed and by publishing testimonials written by peers and customers on their hacker profiles.
“What I like the most about pentest surveys is that you can make them public,” said Leandro, a pentester within the HackerOne community. “For some hackers, their HackerOne profile is their resume, but most of their best work is under NDA. The surveys make it possible to show the world how you perform in professional engagements with real-world testimonials.”
3) 360 feedback loop with customers and testers
Aggregating feedback and data trends allows HackerOne to maintain and improve the quality of our testers, recruit testers to meet customer needs, staff individual pentests, and source techniques for future pentests.
We’re constantly innovating to make our pentest platform more effective than traditional approaches. Our goal with these changes is to provide a feedback mechanism across all parties involved in the pentest engagement to optimize the end-to-end pentest workflow.
To start a HackerOne Pentest today, or learn more, contact us.